Getting started

iPXE integration

The debops.preseed role integrates very well with the Debian-Installer configuration provided with the debops.ipxe role. You can use the menu system defined there to select different Preseed flavors and provide needed parameters like hostname and Debian mirror to use.

How Debian Installer preseeding works

The Debian Installer can use automatic preseed.cfg lookup system when specific kernel parameters are defined during the boot process. These parameters are:

auto=true url=<seed>

If a simple string and not a full URL is specified as <seed>, Debian Installer will expand it to:

http://<seed>/d-i/<release>/preseed.cfg

To enable Preseeded installation, after starting the Debian Installer, navigate the menu to "Advanced options" -> "Automated Install". Next, press the <Tab> key, this will let you enter additional boot options. Now you can specify the URL of the Preseed file. The menu system implemented in the debops.ipxe role can do this automatically for you when you select preseed installation method.

Default set of Preseed flavors

Debian Preseeding can be used to provision various types of hardware or virtual machines. Not all of them are the same however, and to facilitate that, the debops.preseed role implements a system of preseed "flavors" which can be selected to enable different configuration options. The current set of "flavors" available by default is:

root-only

administrative user

hardware, non-free APT repos, manual partitioning

debian

debian-user

virtual machine, guided single LVM partition

debian-vm

debian-vm-user

If we assume that the DNS domain of the cluster is example.org, the Preseed flavors are presented as DNS subdomains of the main server domain by default defined as seed.example.org. For this to work reliably, DNS database needs to contain CNAME records that point to the Preseed server, for example:

  • debian.seed.example.org

  • debian-vm.seed.example.org

  • debian-user.seed.example.org

  • debian-vm-user.seed.example.org

For convenience, you might also want to create a short DNS records for the *.seed "domain" that can be used in the menu system implemented by the debops.ipxe role:

  • debian.seed

  • debian-vm.seed

  • debian-user.seed

  • debian-vm-user.seed

You can create your own Preseed "flavors" in the same way, just remember to add the needed CNAME DNS records.

Example inventory

To configure the Preseed server, you can add a host to the [debops_service_preseed] group:

[debops_all_hosts]
hostname

[debops_service_preseed]
hostname

Example playbook

If you are using this role without DebOps, here's an example Ansible playbook that uses the debops.preseed role:

---

- name: Provide Debian Preseed configuration files over HTTP
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debops_service_preseed' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  roles:

    - role: keyring
      tags: [ 'role::keyring', 'skip::keyring', 'role::nginx' ]
      keyring__dependent_apt_keys:
        - '{{ nginx__keyring__dependent_apt_keys }}'

    - role: apt_preferences
      tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
      apt_preferences__dependent_list:
        - '{{ nginx__apt_preferences__dependent_list }}'

    - role: ferm
      tags: [ 'role::ferm', 'skip::ferm' ]
      ferm__dependent_rules:
        - '{{ nginx__ferm__dependent_rules }}'

    - role: python
      tags: [ 'role::python', 'skip::python' ]
      python__dependent_packages3:
        - '{{ nginx__python__dependent_packages3 }}'
      python__dependent_packages2:
        - '{{ nginx__python__dependent_packages2 }}'

    - role: nginx
      tags: [ 'role::nginx', 'skip::nginx' ]
      nginx__servers:
        - '{{ preseed__nginx__dependent_servers }}'

    - role: preseed
      tags: [ 'role::preseed', 'skip::preseed' ]

Ansible tags

You can use Ansible --tags or --skip-tags parameters to limit what tasks are performed during Ansible run. This can be used after a host was first configured to speed up playbook execution, when you are sure that most of the configuration is already in the desired state.

Available role tags:

role::preseed

Main role tag, should be used in the playbook to execute all of the role tasks as well as role dependencies.

Other resources

List of other useful resources related to the debops.preseed Ansible role: